Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-4032

Опубликовано: 10 дек. 2008
Источник: nvd
CVSS2: 7.5
EPSS Средний

Описание

Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and "create scripts that would run in the context of the site" via requests to administrative URIs, aka "Access Control Vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:office_sharepoint_server:2007:*:x32:*:*:*:*:*
cpe:2.3:a:microsoft:office_sharepoint_server:2007:*:x64:*:*:*:*:*
cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x32:*:*:*:*:*
cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x64:*:*:*:*:*
cpe:2.3:a:microsoft:search_server:2008:*:x32:*:*:*:*:*
cpe:2.3:a:microsoft:search_server:2008:*:x64:*:*:*:*:*

EPSS

Процентиль: 98%
0.59434
Средний

7.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

github логотип

GHSA-49vg-6g45-5h6j

github
почти 4 года назад

Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and "create scripts that would run in the context of the site" via requests to administrative URIs, aka "Access Control Vulnerability."

EPSS

Процентиль: 98%
0.59434
Средний

7.5 High

CVSS2

Дефекты

CWE-287